MasterCard International and VISA International recently proposed the Secure Electronic Transaction (SET) protocol. Constrained by being an extension of the existing card payment networks to the Internet, SET does not satisfy the concern about privacy infringement, in particular, caused by data aggregation. This paper revises SET, guided by the principle of information segregation and hiding. The revision allows cardholders to take part in account reporting, and offers them a credit card surrogate to conceal their credit card identification in the electronic marketplace. The result is a successful counter to privacy infringement in both the small scope of a transaction and the much broader scope of data aggregation. (C) 1998 Published by Elsevier Science Ltd.